Courses by Symantec

  • Course: Symantec Security Analytics 7.x Administrator
  • Length: 2
SCHEDULE

Symantec Security Analytics 7.x Administrator

COURSE SUMMARY

The course is intended for IT professionals who want to master the fundamentals of the Blue Coat Security Analytics solution. After completing this course, you will be able to:

- Identify and evaluate scenarios and deployment options based on organizational needs, network configurations,
and storage capacity

- Navigate the GUI, identify its main functional areas, and understand how tokens in the path bar, time-frame values,
and other factors determine the information displayed

- Select network locations for data capture and describe the potential implications

- Use the path bar to filter out noise and narrow your focus on relevant data

- Use reports and extractions to find and analyze relevant data

Audience / Target Group:

IT network or security professionals who wish to master the fundamentals of Blue Coat products, with a focus on network security, and who may have not taken any previous Blue Coat training courses.

COURSE DETAIL-

Pre-requisites:

Participants should be familiar with network administration in distributed, enterprise-class LAN/WAN topologies, including basic Unix/Linux administration and have some experience with using proxies, firewalls, routers, and switches to implement network-security policies. Basic to advanced knowledge of best practices for incident response and continuous monitoring is a plus.

AGENDA:

- Security Analytics Product Introduction
- Solution Design
- Installation and Setup
- Security Analytics User Interface
- Reports – What Do They Tell Me?
- The Filter Bar
- Advanced Filters to Query Report Data
- Favorites
- File Extraction (Introduction)
- Management, Monitoring, and Maintenance

Participants will become Blue Coat Certified Security Analytics Administrators upon completing the course and passing the Prometric online exam.

 
  • Course: Symantec Security Analytics 7.x Professional
  • Length: 2 Days
SCHEDULE

Symantec Security Analytics 7.x Professional

COURSE SUMMARY -

 

The course designed for participants who want to learn how to use the Blue Coat Security Analytics platform to perform virtually any type of network-based monitoring and forensic
analysis, including incident-response investigation, real-time situational awareness, and continuous monitoring for indicators of compromise (IOCs) and advanced persistent threats (APTs). After completing this course, you will be able to:

- Map high-level operational functions to internal system modules and identify how data flows through the system
- Use reports and extractions to find and analyze relevant data to solve problems
- Use the Security Analytics platform for incident-response
- Use comparisons and advanced display filters to narrow search results
- Apply kill-chain analysis to discover and describe indicators of compromiseAudience / Target Group:

Audience / Target Group:

IT network or security professionals who want to master the use of Blue Coat Security Analytics
and who have completed the Blue Coat Security Analytics Administrator course.

 COURSE DETAIL-

Pre-requisites:

Participants should have a sound understanding of the OSI reference model and common networking protocols, and how those protocols make connections, keep state, and transfer data, along with basic experience with network packet and flow analysis, including the use of PCAP files, tcpdump, and Wireshark. Basic to advanced knowledge of best practices for incident response and continuous monitoring will provide a significant advantage.

AGENDA:

- Theory of Operation
- File Extraction
- Data Enrichment
- Threat BLADES
- Kill Chain Analysis
- To Look for Indicators of Compromise (IOCs)
- Integration
- The Virtual File System (VFS)

Participants will become Blue Coat Certified Security Analytics Professionals upon completing the course and passing the Prometric online exam.

 

  • Course: Symantec ProxySG v6.6 Basic Administration
  • Length: 2
SCHEDULE

Symantec ProxySG v6.6 Basic Administration

  • Course: Symantec ProxySG v6.6 Advanced Administration
  • Length: 2
SCHEDULE

Symantec ProxySG v6.6 Advanced Administration

  • Course: Symantec Data Loss Prevention 15: Administration
  • Length: 5
SCHEDULE

Symantec Data Loss Prevention 14.6: Administration

  • Course: Symantec Endpoint Protection 14.x: Configure and Protect
  • Length: 3
SCHEDULE

Symantec Endpoint Protection 14.x: Configure and Protect

  • Course: Symantec PacketShaper 11.9 Essentials
  • Length: 3
SCHEDULE

Symantec PacketShapper 11.9 Essentials

  • Course: SSL Visibility 4.3 Administration
  • Length: 2

Course Description: The SSL Visibility 4.3 administration course enables you to plan, implement, configure and managed your SSLV appliance(s). This is a lecture-only course, there will be no hands-on access to an SSLV appliance during the course.

Duration: 2 Days

Target Audience:

The SSL Visibility 4.3 Administration course is intended for students who wish install and manage the SSLV appliance in a production environment.

Prerequisites:

This course assumes that students have a basic understanding of:

  • SSL/TSL
  • TCP/IP
  • Network security devices
  • ProxySG

Course Outline:

Module 1: Introduction to Encrypted Traffic Management

Module 2: Introduction to Encrypted Traffic Management with Symantec SSLV

Module 3: Deploying the SSLV

Module 4: Migrate and Upgrade SSLV

Module 5: Expose Encrypted Inbound Traffic for Security Devices While Maintaining Security Levels

Module 6: Expose Encrypted Outbound Traffic for Security Devices and Prevent Data Loss

Module 7: Expose Encrypted Threats for Forensic Analysis While Maintaining Compliance Regulations

Module 8: Offload SSL Decryption to Improve ProxySG Efficiency

Module 9: Simplify Management of multiple SSLV Appliances with Management Center

  • Course: Symantec Endpoint Protection 14.x: Manage and Admin
  • Length: 2 Days
SCHEDULE

COURSE DESCRIPTION

The Symantec Endpoint Protection 14.x: Manage and Administer course is designed for the network, IT security, and systems administration professional in a Security Operations position tasked with the day-to-day operation of the SEPM management console. The class covers configuring sever-client communication, domains, groups, and locations and Active Directory integration. You also learn how Symantec Endpoint Protection uses LiveUpdate servers and Group Update Providers to deliver content to clients. In addition, you learn how to respond to incidents using monitoring and reporting.

 

Duration

Two-days

Course Objectives

By the completion of this course, you will be able to:

  • Describe how the Symantec Endpoint Protection Manager (SEPM) communicates with clients and make appropriate changes as necessary.
  • Design and create Symantec Endpoint Protection group structures to meet the needs of your organization.
  • Respond to threats using SEPM monitoring and reporting.
  • Analyze the content delivery system (LiveUpdate).
  • Reduce bandwidth consumption using the best method to deliver content updates to clients.
  • Configure Group Update Providers.
  • Create location aware content updates.
  • Use Rapid Release definitions to remediate a virus outbreak.

Who Should Attend

This course is for IT and system administration professionals who are charged with managing and monitoring Symantec Endpoint Protection endpoints.

 

COURSE OUTLINE

Introduction

  • Course environment
  • Lab environment

Monitoring and Managing Endpoints

  • Managing Console Access and Delegating Responsibility
  • Managing Client-to-SEPM Communication
  • Managing the Client Architecture and Active Directory Integration
  • Managing Clients and Responding to Threats
  • Monitoring the Environment and Responding to Threats
  • Creating Incident and Health Reports

Enforcing Content Updates on Endpoints using the Best Method

  • Introducing Content Updates using LiveUpdate
  • Analyzing the SEPM Content Delivery System
  • Managing Group Update Providers
  • Configuring Location Aware Content Updates
  • Managing Certified and Rapid Release Definitions

 

 

Register Now